[Lista ArNOG] [lacnog] Bye Bye WPA2 ! (a short note from its chair..)

Ivan Chapero info at ivanchapero.com.ar
Thu Oct 19 09:54:50 ART 2017


I agree, Carlos,
but this goes somewhat beyond what the user can do "preventively",
since the vulnerable protocol is present in more deeply embedded devices,
e.g. a smart TV (not to mention some IoT device), where you don't have
enough of a user interface to bring up VPNs or to know for certain
whether you are browsing over HTTPS.

And the worst part is that all that fragmentation of firmware/kernels/OSes
will possibly never receive a patch.


2017-10-18 14:45 GMT-03:00 Carlos M. Martinez <carlosm3011 at gmail.com>:

> This is an excellent example of why we must do layered defense.
>
> The idea of “why should I care about dnssec if I use https anyway, or why
> should I care about ipsec if I use wpa2 anyway” clearly does not hold up.
>
> We need security at every layer and in every element of
> the network architecture.
>
> Regards
>
> Carlos
>
> On 18 Oct 2017, at 0:21, Ivan Chapero wrote:
>
> *An important clarification. FYI:*
>
> *------------------------------------------------*
>
> *Clarification for the WPA2 Vulnerabilities:*
> 1. Please have a look at the article <https://www.krackattacks.com/> published
> by Mathy Vanhoef and pay attention to the QA listed at the end:
> *Q: What if there are no security updates for my router?*
> *A:* Our main attack is against the 4-way handshake, and does not exploit
> access points, but instead targets clients. So it might be that your
> router does not require security updates. We strongly advise you to
> contact your vendor for more details. In general though, you can try to
> mitigate attacks against routers and access points by disabling client
> functionality (which is for example used in repeater modes) and disabling
> 802.11r (fast roaming). For ordinary home users, your priority should be
> updating clients such as laptops and smartphones.
>
> From the QA, we can clearly see that the vulnerabilities only target
> devices acting as Wi-Fi clients, including laptops, smartphones, range
> extenders working in RE mode, routers/gateways working in RE/WDS/WISP mode.
> Thus if you're using the following TP-Link products:
> # All powerline adapters
> # All mobile Wi-Fi products
> # Routers and gateways working on default Router mode or Access Point mode
> # Range extenders working in AP mode
> You will not be affected by the WPA2 vulnerabilities. What you need to do
> is update your Wi-Fi clients.
>
> 2. Conditions of vulnerability occurrence:
> # Physical limit: The attack only happens when an attacker is in physical
> proximity to and within wireless range of your network.
> # Time limit: The attack only happens when connecting or reconnecting to
> Wi-Fi network.
>
> 2017-10-17 9:54 GMT-03:00 Maximiliano Ariel Villalba Galeano <
> max.a.villalba.galeano at gmail.com>:
>
>> https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
>>
>> List of affected devices.
>>
>> 2017-10-17 3:03 GMT-04:00 Nicolas Cortes <ncort3s at gmail.com>:
>>
>>> FYI
>>>
>>> ---------- Forwarded message ---------
>>> From: Rogerio Mariano <rsouza.rjo at gmail.com>
>>> Date: Mon, Oct 16, 2017 at 23:13
>>> Subject: [lacnog] Bye Bye WPA2 ! (a short note from its chair..)
>>> To: Latin America and Caribbean Region Network Operators Group <
>>> lacnog at lacnic.net>
>>>
>>>
>>>
>>>
>>> https://www.krackattacks.com/
>>> _______________________________________________
>>> LACNOG mailing list
>>> LACNOG at lacnic.net
>>> https://mail.lacnic.net/mailman/listinfo/lacnog
>>> Unsubscribe: https://mail.lacnic.net/mailman/options/lacnog
>>>
>>> _______________________________________________
>>> Lista mailing list
>>> Lista at arnog.com.ar
>>> http://mailmancabase.interdotnet.com.ar/mailman/listinfo/lista
>
>
> --
>
> *Ivan Chapero, Technical Area and Support*
> Landline: 03464-470280 (extension 535) | Mobile:  03464-155-20282  | Skype ID:
> ivanchapero
> --
> GoDATA Banda Ancha - CABLETEL S.A. | Av. 9 de Julio 1163 - 2183 - Arequito
> - Santa Fe - Argentina